diff options
32 files changed, 189 insertions, 399 deletions
diff --git a/build/build.xml b/build/build.xml index 897176b77c..538c62f24a 100644 --- a/build/build.xml +++ b/build/build.xml @@ -3,8 +3,8 @@ <project name="phpBB" description="The phpBB forum software" default="all" basedir="../"> <!-- a few settings for the build --> <property name="newversion" value="3.2.5-dev" /> - <property name="prevversion" value="3.2.4-RC1" /> - <property name="olderversions" value="3.0.14, 3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.7-pl1, 3.1.8, 3.1.9, 3.1.10, 3.1.11, 3.1.12, 3.2.0-a1, 3.2.0-a2, 3.2.0-b1, 3.2.0-b2, 3.2.0-RC1, 3.2.0-RC2, 3.2.0, 3.2.1, 3.2.2, 3.2.3" /> + <property name="prevversion" value="3.2.4" /> + <property name="olderversions" value="3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.1.7, 3.1.7-pl1, 3.1.8, 3.1.9, 3.1.10, 3.1.11, 3.1.12, 3.2.0-a1, 3.2.0-a2, 3.2.0-b1, 3.2.0-b2, 3.2.0-RC1, 3.2.0-RC2, 3.2.0, 3.2.1, 3.2.2, 3.2.3" /> <!-- no configuration should be needed beyond this point --> <property name="oldversions" value="${olderversions}, ${prevversion}" /> diff --git a/phpBB/adm/style/acp_attachments.html b/phpBB/adm/style/acp_attachments.html index 2baca09f5e..868e256ef5 100644 --- a/phpBB/adm/style/acp_attachments.html +++ b/phpBB/adm/style/acp_attachments.html @@ -37,12 +37,6 @@ <!-- IF S_ATTACHMENT_SETTINGS --> - <!-- IF not S_THUMBNAIL_SUPPORT --> - <div class="errorbox"> - <p>{L_NO_THUMBNAIL_SUPPORT}</p> - </div> - <!-- ENDIF --> - <form id="attachsettings" method="post" action="{U_ACTION}"> <!-- BEGIN options --> <!-- IF options.S_LEGEND --> diff --git a/phpBB/config/installer/container/services_install_obtain_data.yml b/phpBB/config/installer/container/services_install_obtain_data.yml index cd8d0c8072..010aba829d 100644 --- a/phpBB/config/installer/container/services_install_obtain_data.yml +++ b/phpBB/config/installer/container/services_install_obtain_data.yml @@ -33,13 +33,6 @@ services: tags: - { name: install_obtain_data, order: 40 } - installer.obtain_data.obtain_imagick_path: - class: phpbb\install\module\obtain_data\task\obtain_imagick_path - arguments: - - '@installer.helper.config' - tags: - - { name: install_obtain_data, order: 60 } - installer.obtain_data.obtain_server_data: class: phpbb\install\module\obtain_data\task\obtain_server_data arguments: diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 936bd17623..05c0b947cb 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -50,6 +50,7 @@ <ol> <li><a href="#changelog">Changelog</a> <ul> + <li><a href="#v324rc1">Changes since 3.2.4-RC1</a></li> <li><a href="#v323">Changes since 3.2.3</a></li> <li><a href="#v323rc2">Changes since 3.2.3-RC2</a></li> <li><a href="#v323rc1">Changes since 3.2.3-RC1</a></li> @@ -132,6 +133,16 @@ <div class="inner"> <div class="content"> + <a name="v324rc1"></a><h3>Changes since 3.2.4-RC1</h3> + <h4>Bug</h4> + <ul> + <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-15860">PHPBB3-15860</a>] - Backups filenames arent saved in the expected format</li> + </ul> + <h4>Security Issue</h4> + <ul> + <li>[SECURITY-227] - Phar deserialization in ACP leads to Remote Code Execution</li> + </ul> + <a name="v323"></a><h3>Changes since 3.2.3</h3> <h4>Bug</h4> <ul> diff --git a/phpBB/docs/INSTALL.html b/phpBB/docs/INSTALL.html index 9c2671e085..853607886b 100644 --- a/phpBB/docs/INSTALL.html +++ b/phpBB/docs/INSTALL.html @@ -159,7 +159,6 @@ <li>zlib Compression support</li> <li>Remote FTP support</li> <li>XML support</li> - <li>ImageMagick support</li> <li>GD Support</li> </ul> </li> diff --git a/phpBB/includes/acp/acp_attachments.php b/phpBB/includes/acp/acp_attachments.php index 6c2df8d999..5b1db5c31b 100644 --- a/phpBB/includes/acp/acp_attachments.php +++ b/phpBB/includes/acp/acp_attachments.php @@ -164,7 +164,6 @@ class acp_attachments 'img_create_thumbnail' => array('lang' => 'CREATE_THUMBNAIL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'img_max_thumb_width' => array('lang' => 'MAX_THUMB_WIDTH', 'validate' => 'int:0:999999999999999', 'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 'img_min_thumb_filesize' => array('lang' => 'MIN_THUMB_FILESIZE', 'validate' => 'int:0:999999999999999', 'type' => 'number:0:999999999999999', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']), - 'img_imagick' => array('lang' => 'IMAGICK_PATH', 'validate' => 'absolute_path', 'type' => 'text:20:200', 'explain' => true, 'append' => ' <span>[ <a href="' . $this->u_action . '&action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'), 'img_max' => array('lang' => 'MAX_IMAGE_SIZE', 'validate' => 'int:0:9999', 'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), 'img_link' => array('lang' => 'IMAGE_LINK_SIZE', 'validate' => 'int:0:9999', 'type' => 'dimension:0:9999', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']), ) @@ -234,38 +233,6 @@ class acp_attachments $template->assign_var('S_ATTACHMENT_SETTINGS', true); - if ($action == 'imgmagick') - { - $this->new_config['img_imagick'] = $this->search_imagemagick(); - } - - // We strip eventually manual added convert program, we only want the patch - if ($this->new_config['img_imagick']) - { - // Change path separator - $this->new_config['img_imagick'] = str_replace('\\', '/', $this->new_config['img_imagick']); - $this->new_config['img_imagick'] = str_replace(array('convert', '.exe'), array('', ''), $this->new_config['img_imagick']); - - // Check for trailing slash - if (substr($this->new_config['img_imagick'], -1) !== '/') - { - $this->new_config['img_imagick'] .= '/'; - } - } - - $supported_types = get_supported_image_types(); - - // Check Thumbnail Support - if (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !count($supported_types['format']))) - { - $this->new_config['img_create_thumbnail'] = 0; - } - - $template->assign_vars(array( - 'U_SEARCH_IMAGICK' => $this->u_action . '&action=imgmagick', - 'S_THUMBNAIL_SUPPORT' => (!$this->new_config['img_imagick'] && (!isset($supported_types['format']) || !count($supported_types['format']))) ? false : true) - ); - // Secure Download Options - Same procedure as with banning $allow_deny = ($this->new_config['secure_allow_deny']) ? 'ALLOWED' : 'DISALLOWED'; @@ -1496,47 +1463,6 @@ class acp_attachments } /** - * Search Imagick - */ - function search_imagemagick() - { - $imagick = ''; - - $exe = ((defined('PHP_OS')) && (preg_match('#^win#i', PHP_OS))) ? '.exe' : ''; - - $magic_home = getenv('MAGICK_HOME'); - - if (empty($magic_home)) - { - $locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/'); - $path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH')))); - - $locations = array_merge($path_locations, $locations); - - foreach ($locations as $location) - { - // The path might not end properly, fudge it - if (substr($location, -1) !== '/') - { - $location .= '/'; - } - - if (@file_exists($location) && @is_readable($location . 'mogrify' . $exe) && @filesize($location . 'mogrify' . $exe) > 3000) - { - $imagick = str_replace('\\', '/', $location); - continue; - } - } - } - else - { - $imagick = str_replace('\\', '/', $magic_home); - } - - return $imagick; - } - - /** * Test Settings */ function test_upload(&$error, $upload_dir, $create_directory = false) diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index b98756a34b..19c4f6e4f1 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -203,7 +203,7 @@ class acp_database $file = $request->variable('file', ''); $download = $request->variable('download', ''); - if (!preg_match('#^backup_\d{10,}_[a-z\d]{16}\.(sql(?:\.(?:gz|bz2))?)$#', $file, $matches)) + if (!preg_match('#^backup_\d{10,}_(?:[a-z\d]{16}|[a-z\d]{32})\.(sql(?:\.(?:gz|bz2))?)$#i', $file, $matches)) { trigger_error($user->lang['BACKUP_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } @@ -402,7 +402,7 @@ class acp_database { while (($file = readdir($dh)) !== false) { - if (preg_match('#^backup_(\d{10,})_[a-z\d]{16}\.(sql(?:\.(?:gz|bz2))?)$#', $file, $matches)) + if (preg_match('#^backup_(\d{10,})_(?:[a-z\d]{16}|[a-z\d]{32})\.(sql(?:\.(?:gz|bz2))?)$#i', $file, $matches)) { if (in_array($matches[2], $methods)) { diff --git a/phpBB/includes/acp/acp_extensions.php b/phpBB/includes/acp/acp_extensions.php index 6f65dc9fa0..a1cb2108e7 100644 --- a/phpBB/includes/acp/acp_extensions.php +++ b/phpBB/includes/acp/acp_extensions.php @@ -35,11 +35,13 @@ class acp_extensions private $request; private $phpbb_dispatcher; private $ext_manager; + private $phpbb_container; + private $php_ini; function main() { // Start the page - global $config, $user, $template, $request, $phpbb_extension_manager, $phpbb_root_path, $phpbb_log, $phpbb_dispatcher; + global $config, $user, $template, $request, $phpbb_extension_manager, $phpbb_root_path, $phpbb_log, $phpbb_dispatcher, $phpbb_container; $this->config = $config; $this->template = $template; @@ -48,6 +50,8 @@ class acp_extensions $this->log = $phpbb_log; $this->phpbb_dispatcher = $phpbb_dispatcher; $this->ext_manager = $phpbb_extension_manager; + $this->phpbb_container = $phpbb_container; + $this->php_ini = $this->phpbb_container->get('php_ini'); $this->user->add_lang(array('install', 'acp/extensions', 'migrator')); @@ -57,7 +61,7 @@ class acp_extensions $ext_name = $this->request->variable('ext_name', ''); // What is a safe limit of execution time? Half the max execution time should be safe. - $safe_time_limit = (ini_get('max_execution_time') / 2); + $safe_time_limit = ($this->php_ini->getNumeric('max_execution_time') / 2); $start_time = time(); // Cancel action diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php index c00f9bd207..c31b63a403 100644 --- a/phpBB/includes/bbcode.php +++ b/phpBB/includes/bbcode.php @@ -35,10 +35,19 @@ class bbcode /** * Constructor - * Init bbcode cache entries if bitfield is specified */ function __construct($bitfield = '') { + $this->bbcode_set_bitfield($bitfield); + } + + /** + * Init bbcode cache entries if bitfield is specified + * + * @param string $bbcode_bitfield The bbcode bitfield + */ + function bbcode_set_bitfield($bitfield = '') + { if ($bitfield) { $this->bbcode_bitfield = $bitfield; diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 3fec88a354..99f65a0e92 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -115,7 +115,7 @@ function gen_rand_string_friendly($num_chars = 8) */ function unique_id() { - return gen_rand_string(32); + return strtolower(gen_rand_string(16)); } /** diff --git a/phpBB/includes/functions_acp.php b/phpBB/includes/functions_acp.php index 8bf42aa36e..9b7491305c 100644 --- a/phpBB/includes/functions_acp.php +++ b/phpBB/includes/functions_acp.php @@ -564,9 +564,6 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) $cfg_array[$config_name] = trim($destination); - // Absolute file path - case 'absolute_path': - case 'absolute_path_writable': // Path being relative (still prefixed by phpbb_root_path), but with the ability to escape the root dir... case 'path': case 'wpath': @@ -585,7 +582,7 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) break; } - $path = in_array($config_definition['validate'], array('wpath', 'path', 'rpath', 'rwpath')) ? $phpbb_root_path . $cfg_array[$config_name] : $cfg_array[$config_name]; + $path = $phpbb_root_path . $cfg_array[$config_name]; if (!file_exists($path)) { @@ -598,7 +595,7 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) } // Check if the path is writable - if ($config_definition['validate'] == 'wpath' || $config_definition['validate'] == 'rwpath' || $config_definition['validate'] === 'absolute_path_writable') + if ($config_definition['validate'] == 'wpath' || $config_definition['validate'] == 'rwpath') { if (file_exists($path) && !$phpbb_filesystem->is_writable($path)) { diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php index 43dce036a3..8284aab6a4 100644 --- a/phpBB/includes/functions_content.php +++ b/phpBB/includes/functions_content.php @@ -627,7 +627,7 @@ function generate_text_for_display($text, $uid, $bitfield, $flags, $censor_text } else { - $bbcode->bbcode($bitfield); + $bbcode->bbcode_set_bitfield($bitfield); } $bbcode->bbcode_second_pass($text, $uid); diff --git a/phpBB/includes/functions_posting.php b/phpBB/includes/functions_posting.php index 1e8f1ad00d..c7d691287c 100644 --- a/phpBB/includes/functions_posting.php +++ b/phpBB/includes/functions_posting.php @@ -519,7 +519,7 @@ function get_supported_image_types($type = false) */ function create_thumbnail($source, $destination, $mimetype) { - global $config, $phpbb_filesystem; + global $config, $phpbb_filesystem, $phpbb_dispatcher; $min_filesize = (int) $config['img_min_thumb_filesize']; $img_filesize = (file_exists($source)) ? @filesize($source) : false; @@ -551,25 +551,31 @@ function create_thumbnail($source, $destination, $mimetype) return false; } - $used_imagick = false; + $thumbnail_created = false; - // Only use ImageMagick if defined and the passthru function not disabled - if ($config['img_imagick'] && function_exists('passthru')) - { - if (substr($config['img_imagick'], -1) !== '/') - { - $config['img_imagick'] .= '/'; - } - - @passthru(escapeshellcmd($config['img_imagick']) . 'convert' . ((defined('PHP_OS') && preg_match('#^win#i', PHP_OS)) ? '.exe' : '') . ' -quality 85 -geometry ' . $new_width . 'x' . $new_height . ' "' . str_replace('\\', '/', $source) . '" "' . str_replace('\\', '/', $destination) . '"'); - - if (file_exists($destination)) - { - $used_imagick = true; - } - } + /** + * Create thumbnail event to replace GD thumbnail creation with for example ImageMagick + * + * @event core.thumbnail_create_before + * @var string source Image source path + * @var string destination Thumbnail destination path + * @var string mimetype Image mime type + * @var float new_width Calculated thumbnail width + * @var float new_height Calculated thumbnail height + * @var bool thumbnail_created Set to true to skip default GD thumbnail creation + * @since 3.2.4 + */ + $vars = array( + 'source', + 'destination', + 'mimetype', + 'new_width', + 'new_height', + 'thumbnail_created', + ); + extract($phpbb_dispatcher->trigger_event('core.thumbnail_create_before', compact($vars))); - if (!$used_imagick) + if (!$thumbnail_created) { $type = get_supported_image_types($type); diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index a1386e5d7e..b4018184a7 100644 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -246,7 +246,10 @@ class mcp_reports $parse_flags = ($post_info['user_sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES; $post_info['user_sig'] = generate_text_for_display($post_info['user_sig'], $post_info['user_sig_bbcode_uid'], $post_info['user_sig_bbcode_bitfield'], $parse_flags, true); - $template->assign_vars(array( + $topic_id = (int) $post_info['topic_id']; + + // So it can be sent through the event below. + $report_template = array( 'S_MCP_REPORT' => true, 'S_CLOSE_ACTION' => append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=reports&mode=report_details&f=' . $post_info['forum_id'] . '&p=' . $post_id), 'S_CAN_VIEWIP' => $auth->acl_get('m_info', $post_info['forum_id']), @@ -298,7 +301,33 @@ class mcp_reports 'SIGNATURE' => $post_info['user_sig'], 'U_LOOKUP_IP' => ($auth->acl_get('m_info', $post_info['forum_id'])) ? $this->u_action . '&r=' . $report_id . '&p=' . $post_id . '&f=' . $forum_id . '&lookup=' . $post_info['poster_ip'] . '#ip' : '', - )); + ); + + /** + * Event to add/modify MCP report details template data. + * + * @event core.mcp_report_template_data + * @var int forum_id The forum_id, the number in the f GET parameter + * @var int topic_id The topic_id of the report being viewed + * @var int post_id The post_id of the report being viewed (if 0, it is meaningless) + * @var int report_id The report_id of the report being viewed + * @var array report Array with the report data + * @var array report_template Array with the report template data + * @var array post_info Array with the reported post data + * @since 3.2.5-RC1 + */ + $vars = array( + 'forum_id', + 'topic_id', + 'post_id', + 'report_id', + 'report', + 'report_template', + 'post_info', + ); + extract($phpbb_dispatcher->trigger_event('core.mcp_report_template_data', compact($vars))); + + $template->assign_vars($report_template); $this->tpl_name = 'mcp_post'; diff --git a/phpBB/includes/questionnaire/questionnaire.php b/phpBB/includes/questionnaire/questionnaire.php index 5a27124bf9..2f80582918 100644 --- a/phpBB/includes/questionnaire/questionnaire.php +++ b/phpBB/includes/questionnaire/questionnaire.php @@ -369,7 +369,6 @@ class phpbb_questionnaire_phpbb_data_provider 'hot_threshold' => true, 'img_create_thumbnail' => true, 'img_display_inlined' => true, - 'img_imagick' => true, 'img_link_height' => true, 'img_link_width' => true, 'img_max_height' => true, diff --git a/phpBB/install/convertors/functions_phpbb20.php b/phpBB/install/convertors/functions_phpbb20.php index 8b80eec4c8..2da901d3de 100644 --- a/phpBB/install/convertors/functions_phpbb20.php +++ b/phpBB/install/convertors/functions_phpbb20.php @@ -1694,7 +1694,6 @@ function phpbb_import_attach_config() $config->set('img_create_thumbnail', $attach_config['img_create_thumbnail']); $config->set('img_max_thumb_width', 400); $config->set('img_min_thumb_filesize', $attach_config['img_min_thumb_filesize']); - $config->set('img_imagick', $attach_config['img_imagick']); } /** diff --git a/phpBB/install/phpbbcli.php b/phpBB/install/phpbbcli.php index bc329fd2e5..8911274055 100755 --- a/phpBB/install/phpbbcli.php +++ b/phpBB/install/phpbbcli.php @@ -23,7 +23,7 @@ if (php_sapi_name() !== 'cli') define('IN_PHPBB', true); define('IN_INSTALL', true); define('PHPBB_ENVIRONMENT', 'production'); -define('PHPBB_VERSION', '3.2.4-RC1'); +define('PHPBB_VERSION', '3.2.4'); $phpbb_root_path = __DIR__ . '/../'; $phpEx = substr(strrchr(__FILE__, '.'), 1); diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index e68253e7a2..158c8a1ac7 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -149,7 +149,6 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('hot_threshold', '2 INSERT INTO phpbb_config (config_name, config_value) VALUES ('icons_path', 'images/icons'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_create_thumbnail', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_display_inlined', '1'); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_imagick', ''); INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_link_height', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_link_width', '0'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('img_max_height', '0'); diff --git a/phpBB/language/en/acp/attachments.php b/phpBB/language/en/acp/attachments.php index 123c35a502..86430f46bd 100644 --- a/phpBB/language/en/acp/attachments.php +++ b/phpBB/language/en/acp/attachments.php @@ -111,8 +111,6 @@ $lang = array_merge($lang, array( 'IMAGE_LINK_SIZE' => 'Image link dimensions', 'IMAGE_LINK_SIZE_EXPLAIN' => 'Display image attachment as an inline text link if image is larger than this. To disable this behaviour, set the values to 0px by 0px.', - 'IMAGICK_PATH' => 'ImageMagick path', - 'IMAGICK_PATH_EXPLAIN' => 'Full path to the imagemagick convert application, e.g. <samp>/usr/bin/</samp>.', 'MAX_ATTACHMENTS' => 'Maximum number of attachments per post', 'MAX_ATTACHMENTS_PM' => 'Maximum number of attachments per private message', @@ -135,7 +133,6 @@ $lang = array_merge($lang, array( 'NO_EXT_GROUP_SPECIFIED' => 'No extension group specified.', 'NO_FILE_CAT' => 'None', 'NO_IMAGE' => 'No image', - 'NO_THUMBNAIL_SUPPORT' => 'Thumbnail support has been disabled. For proper functionality either the GD extension need to be available or imagemagick being installed. Both were not found.', 'NO_UPLOAD_DIR' => 'The upload directory you specified does not exist.', 'NO_WRITE_UPLOAD' => 'The upload directory you specified cannot be written to. Please alter the permissions to allow the webserver to write to it.', @@ -147,7 +144,6 @@ $lang = array_merge($lang, array( 'REMOVE_DISALLOWED_IPS' => 'Remove or un-exclude <em>disallowed</em> IPs/hostnames', 'RESYNC_FILES_STATS_CONFIRM' => 'Are you sure you wish to resynchronise file statistics?', - 'SEARCH_IMAGICK' => 'Search for ImageMagick', 'SECURE_ALLOW_DENY' => 'Allow/Deny list', 'SECURE_ALLOW_DENY_EXPLAIN' => 'Change the default behaviour when secure downloads are enabled of the Allow/Deny list to that of a <strong>whitelist</strong> (Allow) or a <strong>blacklist</strong> (Deny).', 'SECURE_DOWNLOADS' => 'Enable secure downloads', diff --git a/phpBB/phpbb/db/migration/data/v32x/remove_imagick.php b/phpBB/phpbb/db/migration/data/v32x/remove_imagick.php new file mode 100644 index 0000000000..7ad396f8e8 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v32x/remove_imagick.php @@ -0,0 +1,31 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v32x; + +class remove_imagick extends \phpbb\db\migration\migration +{ + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v32x\v324rc1', + ); + } + + public function update_data() + { + return array( + array('config.remove', array('img_imagick')), + ); + } +} diff --git a/phpBB/phpbb/db/migration/data/v32x/v322rc1.php b/phpBB/phpbb/db/migration/data/v32x/v322rc1.php index 51e9f5fcaa..4fd6270132 100644 --- a/phpBB/phpbb/db/migration/data/v32x/v322rc1.php +++ b/phpBB/phpbb/db/migration/data/v32x/v322rc1.php @@ -23,6 +23,7 @@ class v322rc1 extends \phpbb\db\migration\migration static public function depends_on() { return array( + '\phpbb\db\migration\data\v32x\v321', '\phpbb\db\migration\data\v32x\fix_user_styles', '\phpbb\db\migration\data\v32x\update_prosilver_bitfield', '\phpbb\db\migration\data\v32x\email_force_sender', diff --git a/phpBB/phpbb/db/migration/data/v32x/v323rc1.php b/phpBB/phpbb/db/migration/data/v32x/v323rc1.php index 0ff20d5074..c3fcd1ab0b 100644 --- a/phpBB/phpbb/db/migration/data/v32x/v323rc1.php +++ b/phpBB/phpbb/db/migration/data/v32x/v323rc1.php @@ -23,6 +23,7 @@ class v323rc1 extends \phpbb\db\migration\migration static public function depends_on() { return array( + '\phpbb\db\migration\data\v32x\v322', '\phpbb\db\migration\data\v32x\enable_accurate_pm_button', ); } diff --git a/phpBB/phpbb/db/migration/data/v32x/v324.php b/phpBB/phpbb/db/migration/data/v32x/v324.php new file mode 100644 index 0000000000..cd7783fdee --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v32x/v324.php @@ -0,0 +1,38 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v32x; + +class v324 extends \phpbb\db\migration\migration +{ + public function effectively_installed() + { + return phpbb_version_compare($this->config['version'], '3.2.4', '>='); + } + + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v32x\v324rc1', + '\phpbb\db\migration\data\v32x\remove_imagick', + ); + + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.2.4')), + ); + } +} diff --git a/phpBB/phpbb/db/migration/data/v32x/v324rc1.php b/phpBB/phpbb/db/migration/data/v32x/v324rc1.php index 78aed2f661..0221e2621a 100644 --- a/phpBB/phpbb/db/migration/data/v32x/v324rc1.php +++ b/phpBB/phpbb/db/migration/data/v32x/v324rc1.php @@ -23,6 +23,7 @@ class v324rc1 extends \phpbb\db\migration\migration static public function depends_on() { return array( + '\phpbb\db\migration\data\v32x\v323', '\phpbb\db\migration\data\v32x\forum_topics_per_page_type', ); } diff --git a/phpBB/phpbb/install/module/install_database/task/add_config_settings.php b/phpBB/phpbb/install/module/install_database/task/add_config_settings.php index 54114e3f9c..ba439609ff 100644 --- a/phpBB/phpbb/install/module/install_database/task/add_config_settings.php +++ b/phpBB/phpbb/install/module/install_database/task/add_config_settings.php @@ -151,10 +151,6 @@ class add_config_settings extends \phpbb\install\task_base VALUES ('default_lang', '" . $this->db->sql_escape($this->install_config->get('default_lang')) . "')", 'UPDATE ' . $this->config_table . " - SET config_value = '" . $this->db->sql_escape($this->install_config->get('img_imagick')) . "' - WHERE config_name = 'img_imagick'", - - 'UPDATE ' . $this->config_table . " SET config_value = '" . $this->db->sql_escape($this->install_config->get('server_name')) . "' WHERE config_name = 'server_name'", diff --git a/phpBB/phpbb/install/module/obtain_data/task/obtain_imagick_path.php b/phpBB/phpbb/install/module/obtain_data/task/obtain_imagick_path.php deleted file mode 100644 index 377d96ed1a..0000000000 --- a/phpBB/phpbb/install/module/obtain_data/task/obtain_imagick_path.php +++ /dev/null @@ -1,89 +0,0 @@ -<?php -/** - * - * This file is part of the phpBB Forum Software package. - * - * @copyright (c) phpBB Limited <https://www.phpbb.com> - * @license GNU General Public License, version 2 (GPL-2.0) - * - * For full copyright and license information, please see - * the docs/CREDITS.txt file. - * - */ - -namespace phpbb\install\module\obtain_data\task; - -class obtain_imagick_path extends \phpbb\install\task_base implements \phpbb\install\task_interface -{ - /** - * @var \phpbb\install\helper\config - */ - protected $config; - - /** - * Constructor - * - * @param \phpbb\install\helper\config $config Installer's config - */ - public function __construct(\phpbb\install\helper\config $config) - { - $this->config = $config; - - parent::__construct(true); - } - - /** - * {@inheritdoc} - */ - public function run() - { - // Can we find ImageMagick anywhere on the system? - $exe = (DIRECTORY_SEPARATOR == '\\') ? '.exe' : ''; - - $magic_home = getenv('MAGICK_HOME'); - $img_imagick = ''; - if (empty($magic_home)) - { - $locations = array('C:/WINDOWS/', 'C:/WINNT/', 'C:/WINDOWS/SYSTEM/', 'C:/WINNT/SYSTEM/', 'C:/WINDOWS/SYSTEM32/', 'C:/WINNT/SYSTEM32/', '/usr/bin/', '/usr/sbin/', '/usr/local/bin/', '/usr/local/sbin/', '/opt/', '/usr/imagemagick/', '/usr/bin/imagemagick/'); - $path_locations = str_replace('\\', '/', (explode(($exe) ? ';' : ':', getenv('PATH')))); - - $locations = array_merge($path_locations, $locations); - foreach ($locations as $location) - { - // The path might not end properly, fudge it - if (substr($location, -1, 1) !== '/') - { - $location .= '/'; - } - - if (@file_exists($location) && @is_readable($location . 'mogrify' . $exe) && @filesize($location . 'mogrify' . $exe) > 3000) - { - $img_imagick = str_replace('\\', '/', $location); - continue; - } - } - } - else - { - $img_imagick = str_replace('\\', '/', $magic_home); - } - - $this->config->set('img_imagick', $img_imagick); - } - - /** - * {@inheritdoc} - */ - static public function get_step_count() - { - return 0; - } - - /** - * {@inheritdoc} - */ - public function get_task_lang_name() - { - return ''; - } -} diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index 416ffe3d90..0d56a5a9c5 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -598,6 +598,18 @@ else $sql_start = $start; } +/** + * Modify the topics sort ordering if needed + * + * @event core.viewforum_modify_sort_direction + * @var string direction Topics sort order + * @since 3.2.5-RC1 + */ +$vars = array( + 'direction', +); +extract($phpbb_dispatcher->trigger_event('core.viewforum_modify_sort_direction', compact($vars))); + if (is_array($sort_by_sql[$sort_key])) { $sql_sort_order = implode(' ' . $direction . ', ', $sort_by_sql[$sort_key]) . ' ' . $direction; diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 0cbb5284c7..eb2d52cf61 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php @@ -263,6 +263,20 @@ if (!$topic_data) $forum_id = (int) $topic_data['forum_id']; +/** + * Modify the forum ID to handle the correct display of viewtopic if needed + * + * @event core.viewtopic_modify_forum_id + * @var string forum_id forum ID + * @var array topic_data array of topic's data + * @since 3.2.5-RC1 + */ +$vars = array( + 'forum_id', + 'topic_data', +); +extract($phpbb_dispatcher->trigger_event('core.viewtopic_modify_forum_id', compact($vars))); + // If the request is missing the f parameter, the forum id in the user session data is 0 at the moment. // Let's fix that now so that the user can't hide from the forum's Who Is Online list. $user->page['forum'] = $forum_id; diff --git a/tests/console/thumbnail_test.php b/tests/console/thumbnail_test.php index 439e3623fa..d5fbfa0fed 100644 --- a/tests/console/thumbnail_test.php +++ b/tests/console/thumbnail_test.php @@ -46,7 +46,6 @@ class phpbb_console_command_thumbnail_test extends phpbb_database_test_case $config = $this->config = new \phpbb\config\config(array( 'img_min_thumb_filesize' => 2, 'img_max_thumb_width' => 2, - 'img_imagick' => '', )); $this->db = $this->db = $this->new_dbal(); diff --git a/tests/functional/acp_attachments_test.php b/tests/functional/acp_attachments_test.php deleted file mode 100644 index 8e810a508a..0000000000 --- a/tests/functional/acp_attachments_test.php +++ /dev/null @@ -1,78 +0,0 @@ -<?php -/** - * - * This file is part of the phpBB Forum Software package. - * - * @copyright (c) phpBB Limited <https://www.phpbb.com> - * @license GNU General Public License, version 2 (GPL-2.0) - * - * For full copyright and license information, please see - * the docs/CREDITS.txt file. - * - */ - -/** - * @group functional - */ -class phpbb_functional_acp_attachments_test extends phpbb_functional_test_case -{ - public function data_imagick_path_linux() - { - return array( - array('/usr/bin', 'Configuration updated successfully'), - array('/usr/foobar', 'The entered path “/usr/foobar” does not exist.'), - array('/usr/bin/which', 'The entered path “/usr/bin/which” is not a directory.'), - ); - } - - /** - * @dataProvider data_imagick_path_linux - */ - public function test_imagick_path_linux($imagick_path, $expected) - { - if (strtolower(substr(PHP_OS, 0, 5)) !== 'linux') - { - $this->markTestSkipped('Unable to test linux specific paths on other OS.'); - } - - $this->login(); - $this->admin_login(); - - $crawler = self::request('GET', 'adm/index.php?i=attachments&mode=attach&sid=' . $this->sid); - - $form = $crawler->selectButton('Submit')->form(array('config[img_imagick]' => $imagick_path)); - - $crawler = self::submit($form); - $this->assertContains($expected, $crawler->filter('#main')->text()); - } - - public function data_imagick_path_windows() - { - return array( - array('C:\Windows', 'Configuration updated successfully'), - array('C:\Windows\foobar1', 'The entered path “C:\Windows\foobar1” does not exist.'), - array('C:\Windows\explorer.exe', 'The entered path “C:\Windows\explorer.exe” is not a directory.'), - ); - } - - /** - * @dataProvider data_imagick_path_windows - */ - public function test_imagick_path_windows($imagick_path, $expected) - { - if (strtolower(substr(PHP_OS, 0, 3)) !== 'win') - { - $this->markTestSkipped('Unable to test windows specific paths on other OS.'); - } - - $this->login(); - $this->admin_login(); - - $crawler = self::request('GET', 'adm/index.php?i=attachments&mode=attach&sid=' . $this->sid); - - $form = $crawler->selectButton('Submit')->form(array('config[img_imagick]' => $imagick_path)); - - $crawler = self::submit($form); - $this->assertContains($expected, $crawler->filter('#main')->text()); - } -} diff --git a/tests/functional/fileupload_form_test.php b/tests/functional/fileupload_form_test.php index d381fa1ae2..b0780172ff 100644 --- a/tests/functional/fileupload_form_test.php +++ b/tests/functional/fileupload_form_test.php @@ -99,7 +99,6 @@ class phpbb_functional_fileupload_form_test extends phpbb_functional_test_case $form = $crawler->selectButton('Submit')->form(array( 'config[check_attachment_content]' => 0, - 'config[img_imagick]' => '', )); self::submit($form); diff --git a/tests/functions_acp/validate_config_vars_test.php b/tests/functions_acp/validate_config_vars_test.php index 5c31888291..1182d659f0 100644 --- a/tests/functions_acp/validate_config_vars_test.php +++ b/tests/functions_acp/validate_config_vars_test.php @@ -161,100 +161,4 @@ class phpbb_functions_acp_validate_config_vars_test extends phpbb_test_case $this->assertEquals($expected, $phpbb_error); } - - public function data_validate_path_linux() - { - return array( - array('/usr/bin', 'absolute_path', true), - array('/usr/bin/', 'absolute_path:50:200', true), - array('/usr/bin/which', 'absolute_path', 'DIRECTORY_NOT_DIR'), - array('/foo/bar', 'absolute_path', 'DIRECTORY_DOES_NOT_EXIST'), - array('C:\Windows', 'absolute_path', 'DIRECTORY_DOES_NOT_EXIST'), - array('.', 'absolute_path', true), - array('', 'absolute_path', true), - array('mkdir /foo/bar', 'absolute_path', 'DIRECTORY_DOES_NOT_EXIST'), - // Make sure above command didn't do anything - array('/foo/bar', 'absolute_path', 'DIRECTORY_DOES_NOT_EXIST'), - ); - } - - /** - * @dataProvider data_validate_path_linux - */ - public function test_validate_path_linux($path, $validation_type, $expected) - { - if (strtolower(substr(PHP_OS, 0, 5)) !== 'linux') - { - $this->markTestSkipped('Unable to test linux specific paths on other OS.'); - } - - $error = array(); - $config_ary = array( - 'path' => $path, - ); - - validate_config_vars(array( - 'path' => array('lang' => 'FOOBAR', 'validate' => $validation_type), - ), - $config_ary, - $error - ); - - if ($expected === true) - { - $this->assertEmpty($error); - } - else - { - $this->assertEquals(array($expected), $error); - } - } - - public function data_validate_path_windows() - { - return array( - array('C:\Windows', 'absolute_path', true), - array('C:\Windows\\', 'absolute_path:50:200', true), - array('C:\Windows\explorer.exe', 'absolute_path', 'DIRECTORY_NOT_DIR'), - array('C:\foobar', 'absolute_path', 'DIRECTORY_DOES_NOT_EXIST'), - array('/usr/bin', 'absolute_path', 'DIRECTORY_DOES_NOT_EXIST'), - array('.', 'absolute_path', true), - array('', 'absolute_path', true), - array('mkdir C:\Windows\foobar', 'absolute_path', 'DIRECTORY_DOES_NOT_EXIST'), - // Make sure above command didn't do anything - array('C:\Windows\foobar', 'absolute_path', 'DIRECTORY_DOES_NOT_EXIST'), - ); - } - - /** - * @dataProvider data_validate_path_windows - */ - public function test_validate_path_windows($path, $validation_type, $expected) - { - if (strtolower(substr(PHP_OS, 0, 3)) !== 'win') - { - $this->markTestSkipped('Unable to test windows specific paths on other OS.'); - } - - $error = array(); - $config_ary = array( - 'path' => $path, - ); - - validate_config_vars(array( - 'path' => array('lang' => 'FOOBAR', 'validate' => $validation_type), - ), - $config_ary, - $error - ); - - if ($expected === true) - { - $this->assertEmpty($error); - } - else - { - $this->assertEquals(array($expected), $error); - } - } } |